Another malware discovered in November masked as a battery
enhancement application—called Android Optimization is as of late been brought
into highlight to have been customized in such a way so as to send 1,000 euros
to cyberthieves by means of PayPal in around 5 seconds and all this without the
user being able to stop it.
The malware is being circulated by third party applications
therefore making it unavailable in the official Google Play Store.
The malware is depicted as one to sagaciously exploit
Google's Accessibility Services, intended to assist individuals with
disabilities, to trick users into giving the hackers some control of the phone.
After the malware approaches the user for authorization to
"Enable Statistics "in the wake of being installed this empowers the
cybercriminals to take control of the phone remotely when the user opens
certain applications, for the most part some being: PayPal, Google Play,
WhatsApp, Skype, Viber, Gmail, and some other banking applications.
ESET researchers found that the malware can demonstrate
users overlay phishing pages made to look like legitimate banking applications,
or other well-known applications, such as, Gmail, WhatsApp, Skype and Viber,
approaching the users for credit card certifications.
“The whole process
takes about 5 seconds, and for an unsuspecting user, there is no feasible way
to intervene in time. The attackers fail only if the user has insufficient
PayPal balance and no payment card connected to the account. The malicious
Accessibility service is activated every time the PayPal app is launched,
meaning the attack could take place multiple times.” wrote ESET researcher
Lukas Stefanenko in a blog post.
A video by ESET showing how the malware works
